Chapter 10

Information Systems Acquisition, Development, and Maintenance

Chapter Objectives

After reading this chapter and completing the exercises, you will be able to do the following:

  • Understand the rationale for the systems development life cycle (SDLC).

  • Recognize the stages of software releases.

  • Appreciate the importance of developing secure code.

  • Be aware of the most common application development security faults.

  • Explain cryptographic components.

  • Develop policies related to systems acquisition, development, and maintenance.

Section 14 of ISO 27002:2013: “Information Systems Acquisition, Development, and Maintenance (ISADM)” focuses on the security requirements of information systems, application, and code from conception to destruction. ...

Get Developing Cybersecurity Programs and Policies, Third Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.